18 December 2017

Ethical Hacking Course

I’ve been teaching Information Security for the last two months in Cáceres, Spain. The first month was about Security Courses on Networks and Systems and the second month was about Ethical Hacking. It has been rewarding because, although most of the material came from my daily job, I’ve had to read, learn and test many tools and attacks to be able to show and explain everything clearly, which I really like. Therefore, I’m going to write an overview of what we have been learning for the last month in the Ethical Hacking Course.

On the first day of the course, we talked about ethics and cybersecurity, which is very important if we don’t want to be punished or go to jail. During the first week we also spoke about many tools and techniques to audit information systems, like Hping, Nmap, Wireshark, Tcpdump, Network Miner, etc. In addition, we had time in the first week to see and explain important recent vulnerabilities like Heartbleed, Apache Struts and Shellshock, as well as to test vulnerability assessment systems like Greenbone and OpenVAS in Kali Linux and OSSIM.

Shellshock vulnerability

The second week was full of intrusion techniques. First, we played with ARP Spoofing attacks to carry out MITM attacks and sniff traffic with Wireshark. We also used Cain & Abel to steal passwords, and we learnt about IP Spoofing and Session Hijacking. What’s more, students liked Armitage for launching attacks easily, which was tested against Metasploitable. In addition, we also learnt about information gathering and footprinting, where we installed and tested tools like Anubis, FOCA, Maltego and Nslookup.

Session Hijacking

Once students knew the basic concepts of Ethical Hacking, we started the third week with advanced concepts like Domain Generation Algorithms (DGA) to bypass blacklists and domain reputation systems, and we also talked about the DNS technique called Fast-Flux to hide C&C servers. We also talked about Open Source Intelligence (OSINT) and the power of search engines, where we used many filters in the Google Search Engine, and we also searched in IoT sources like Shodan, Censys and ZoomEye.

Fast-Flux Network

We installed and tested many tools in the third week. For instance, we used lots of network scanners like zmap, fping and zenmap. Moreover, we talked about the Smurf Attack and we also carried out social engineering attacks with the Social-Engineering Toolkit (SET), where we launched a Windows PowerShell attack and cloned webpages for phishing attacks. In addition, password cracking was another unit in the third week, where we learnt how to use brute-force tools like THC Hydra, John the Ripper and CeWL.